Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/iUk2qAaYanuhC0yHx75ofbbtDfw.roa
File: iUk2qAaYanuhC0yHx75ofbbtDfw.roa (raw, json)
Hash identifier: 6NTe6e0s9TjAs580GSrWi1bA7imMCeeLHXSr5hAoGzk=
Subject key identifier: 89:49:36:A8:06:98:6A:7B:A1:0B:4C:87:C7:BE:68:7D:B6:ED:0D:FC
Certificate issuer: /CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Certificate serial: 01943855427E0C4C5D36813228FD2862E9A6
Authority key identifier: F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/iUk2qAaYanuhC0yHx75ofbbtDfw.roa
Signing time: Sun 05 Jan 2025 21:18:19 +0000
ROA not before: Sun 05 Jan 2025 21:18:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 394814
IP address blocks: 195.225.130.0/23 maxlen: 23
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:38:55:42:7e:0c:4c:5d:36:81:32:28:fd:28:62:e9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f440e5eba2f8bfc8fe8fe56cc88a4289652390ba
Validity
Not Before: Jan 5 21:18:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=894936a806986a7ba10b4c87c7be687db6ed0dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:10:2a:56:9a:38:e7:ef:d8:67:65:b7:0e:86:
10:a6:64:21:23:bb:1a:d4:24:a0:1c:d2:bb:d4:66:
26:67:d6:dc:74:76:e5:63:56:04:c3:57:96:cd:cc:
c1:17:05:56:e7:1c:3e:4f:a4:45:da:06:ea:49:8b:
78:d7:d6:c8:14:d3:79:00:8b:78:17:2d:f1:36:1e:
d0:4f:f9:8e:88:6a:8c:9c:59:1f:27:8e:05:a5:97:
f4:87:9d:72:16:05:25:c5:9b:e2:93:d0:00:cd:c4:
31:db:9d:45:d0:f2:ae:c0:06:b0:9d:e4:11:22:92:
ae:63:06:f1:f4:8e:81:8d:7a:87:3a:f7:04:03:70:
8c:cc:b8:f3:d9:c9:a9:a1:4c:8d:c6:10:40:33:97:
70:36:a3:6b:27:0b:8c:91:3c:1e:ad:f8:06:ac:be:
c9:99:c7:98:bb:5f:39:5a:2d:6f:6c:13:de:6e:55:
e8:09:a8:fc:77:7a:f0:0d:12:70:5a:97:69:83:85:
d3:8c:fb:5f:a9:66:74:56:80:61:2a:d1:11:e0:7a:
23:7e:5d:f8:46:67:db:17:ea:c2:64:c5:20:ae:86:
35:bf:19:4e:5d:c5:73:3f:f1:d2:93:4f:79:a3:ff:
cc:e3:a8:b6:2c:dd:11:a7:b9:39:8d:e3:82:6e:99:
49:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:49:36:A8:06:98:6A:7B:A1:0B:4C:87:C7:BE:68:7D:B6:ED:0D:FC
X509v3 Authority Key Identifier:
keyid:F4:40:E5:EB:A2:F8:BF:C8:FE:8F:E5:6C:C8:8A:42:89:65:23:90:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9EDl66L4v8j-j-VsyIpCiWUjkLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/iUk2qAaYanuhC0yHx75ofbbtDfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/de8662-993f-47f7-a27f-00b92c1c1ef4/1/9EDl66L4v8j-j-VsyIpCiWUjkLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.225.130.0/23
Signature Algorithm: sha256WithRSAEncryption
44:f1:19:29:57:d4:a9:2b:39:65:c6:09:8a:3e:7b:ab:50:97:
3a:f4:51:46:92:c7:7c:b2:aa:32:1c:d5:b1:b6:f8:79:46:98:
0e:41:47:b1:1a:05:96:48:41:7d:bb:62:15:15:ca:3e:b2:35:
89:b9:bd:87:a1:b7:ff:e0:a7:98:2d:cd:3e:cd:a9:68:20:3e:
7f:7f:13:75:f5:5f:a6:6b:d7:69:78:55:5b:a5:bd:3e:00:50:
9e:bc:26:b5:57:18:ef:6b:2f:9f:19:51:d6:72:85:d9:7b:f2:
e5:3a:2d:fd:e1:38:34:f3:1f:aa:a2:16:ce:e1:3a:c0:ce:b6:
56:a5:93:73:e1:7a:34:ed:3f:b9:cb:10:bb:d9:da:ad:20:9f:
61:63:0b:eb:05:06:74:24:8c:2c:ba:bb:59:32:89:de:33:17:
ca:ef:63:0a:4a:ce:07:57:be:15:6c:a2:b5:f1:ad:5d:ae:b0:
6c:bb:71:d0:07:fd:31:97:2e:c6:b8:0c:3b:26:80:a7:8d:94:
28:08:ea:d9:6e:59:c2:13:7f:75:b9:55:18:0c:00:0e:dc:a5:
ce:09:43:8b:7a:d1:bb:f1:2d:52:72:41:24:3d:4c:39:57:16:
95:c3:b3:39:75:c9:6e:4f:cd:fc:85:5e:f4:7a:04:35:d5:a4:
e9:05:7d:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQ4VUJ+DExdNoEyKP0oYummMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0NDBlNWViYTJmOGJmYzhmZThmZTU2Y2M4OGE0Mjg5NjUy
MzkwYmEwHhcNMjUwMTA1MjExODE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTQ5MzZhODA2OTg2YTdiYTEwYjRjODdjN2JlNjg3ZGI2ZWQwZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xAqVpo45+/YZ2W3DoYQpmQhI7sa
1CSgHNK71GYmZ9bcdHblY1YEw1eWzczBFwVW5xw+T6RF2gbqSYt419bIFNN5AIt4
Fy3xNh7QT/mOiGqMnFkfJ44FpZf0h51yFgUlxZvik9AAzcQx251F0PKuwAawneQR
IpKuYwbx9I6BjXqHOvcEA3CMzLjz2cmpoUyNxhBAM5dwNqNrJwuMkTwerfgGrL7J
mceYu185Wi1vbBPeblXoCaj8d3rwDRJwWpdpg4XTjPtfqWZ0VoBhKtER4Hojfl34
RmfbF+rCZMUgroY1vxlOXcVzP/HSk095o//M46i2LN0Rp7k5jeOCbplJUwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIlJNqgGmGp7oQtMh8e+aH227Q38MB8GA1UdIwQY
MBaAFPRA5eui+L/I/o/lbMiKQollI5C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2Yt
MDBiOTJjMWMxZWY0LzEvaVVrMnFBYVlhbnVoQzB5SHg3NW9mYmJ0RGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kZTg2NjItOTkzZi00N2Y3LWEyN2YtMDBiOTJjMWMxZWY0
LzEvOUVEbDY2TDR2OGotai1Wc3lJcENpV1Vqa0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw+GCMA0G
CSqGSIb3DQEBCwUAA4IBAQBE8RkpV9SpKzllxgmKPnurUJc69FFGksd8sqoyHNWx
tvh5RpgOQUexGgWWSEF9u2IVFco+sjWJub2Hobf/4KeYLc0+zaloID5/fxN19V+m
a9dpeFVbpb0+AFCevCa1Vxjvay+fGVHWcoXZe/LlOi394Tg08x+qohbO4TrAzrZW
pZNz4Xo07T+5yxC72dqtIJ9hYwvrBQZ0JIwsurtZMoneMxfK72MKSs4HV74VbKK1
8a1drrBsu3HQB/0xly7GuAw7JoCnjZQoCOrZblnCE391uVUYDAAO3KXOCUOLetG7
8S1SckEkPUw5VxaVw7M5dcluT838hV70egQ11aTpBX0J
-----END CERTIFICATE-----
Generated at Tue Apr 8 14:21:26 2025 by rpki-client